X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=ref.php;h=3d62586d555d0d82f972bfd92bb408f992c5a25c;hb=e684ade068866c5bd756ee154f124f6faa71f8c6;hp=905abf7122db965a1c657283365f881151d8f2b3;hpb=d4dfd69a954e8374799ff0f21ca4f4e42ff6145a;p=mailer.git diff --git a/ref.php b/ref.php index 905abf7122..3d62586d55 100644 --- a/ref.php +++ b/ref.php @@ -6,9 +6,9 @@ * -------------------------------------------------------------------- * * File : ref.php * * -------------------------------------------------------------------- * - * Short description : Redirection for the referral link * + * Short description : Redirection for the referal link * * -------------------------------------------------------------------- * - * Kurzbeschreibung : Weiterleitungsscript fuer die Referral-Links * + * Kurzbeschreibung : Weiterleitungsscript fuer die Referal-Links * * -------------------------------------------------------------------- * * * * -------------------------------------------------------------------- * @@ -42,7 +42,7 @@ $GLOBALS['what'] = ""; $GLOBALS['action'] = ""; $GLOBALS['module'] = "ref"; $CSS = -1; // Load the required file(s) -require ("inc/config.php"); +require("inc/config.php"); // Redirect only to registration page when this script is installed if (isBooleanConstantAndTrue('mxchange_installed')) { @@ -58,18 +58,27 @@ if (isBooleanConstantAndTrue('mxchange_installed')) { break; } - // Get referral ID from ref or refid variable + // Get referal ID from ref or refid variable if (!empty($_GET['ref'])) $ref = secureString($_GET['ref']); elseif (!empty($_GET['refid'])) $ref = secureString($_GET['refid']); if (!empty($ref)) { // Test if nickname or numeric id - if ((EXT_IS_ACTIVE("nickname")) && ($ref != "".bigintval($ref)."")) { - // Nickname in URL, so load the ID - $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1", - array($ref), __FILE__, __LINE__); - list($ref) = SQL_FETCHROW($result); - SQL_FREERESULT($result); + if ($ref != "".($ref + 0)."") { + if (EXT_IS_ACTIVE("nickname")) { + // Nickname in URL, so load the ID + $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE nickname='%s' LIMIT 1", + array($ref), __FILE__, __LINE__); + + // Load userid + list($ref) = SQL_FETCHROW($result); + + // Free result + SQL_FREERESULT($result); + } else { + // Invalid request! + $ref = 0; + } } // END - if // Also edit this 0 !